One of the FAQ entries at Microsoft's XP-SR2 site recommends turning off the XP firewall if you decide to use another firewall on the same machine. There is no harm in running a firewall on your machine if you connect through a "server" with its own firewall, or through an "external hardware firewall," although it shouldn't be necessary. If the external firewall works, the internal one should never need to report anything.

Full details on what the XP SR2 firewall does are still dribbling out, but it appears that most of the "port locks" that SR2 applies will remain even if you "turn off the firewall." In effect, the firewall still monitors everything, it just doesn't bug you with a lot of reports about what's happening. It probably still blocks a bunch of ports until you go tell it that something can use one.

You may also find that XP SR2 will turn the firewall back on when you reboot, and you probably won't notice it's been turned back on unless you go to the new "Security Center" in Control Panel to look - unless you're getting illicit traffic and see reports pop up. The "not notice" part of course assumes that your other firewall doesn't conflict and produce some annoying result.

I can't say at this point that the XP firewall works the same way, but the anti-popup feature added to IE by SR2 does appear to defer to the Google Toolbar popup blocker. The IE popup blocker is quiet until I tell the Google bar to allow popups on a site, then it starts screaming that I'm being invaded by popups (and brags about how it's blocking them). Minor annoyance, and there's probaly a setting I could change to get rid of it, but it's not a big deal for me, as I only have about 3 sites where I allow popups, and once you've set the permission for Google and XP they both remember.

John